Topic: unpatched systems
-
Hackers Breach Federal Agency via GeoServer Flaw, CISA Warns
A critical vulnerability (CVE-2024-36401) in GeoServer was exploited to breach a U.S. federal agency's network after attackers compromised an unpatched server. The attackers moved laterally from the initial entry point, deploying malicious tools like China Chopper and using brute force attacks to...
Read More » -
Urgent: NetScaler Zero-Day Exploit Actively Attacked (CVE-2025-7775)
Three critical vulnerabilities have been discovered in Citrix NetScaler ADC and Gateway devices, with CVE-2025-7775 already being actively exploited for remote code execution and denial of service. Citrix has released security updates for affected versions and strongly advises immediate patching,...
Read More » -
1,200+ Citrix servers vulnerable to critical auth bypass flaw
Over 1,200 Citrix NetScaler systems remain vulnerable to CVE-2025-5777, a severe authentication bypass flaw enabling session hijacking and MFA bypass, with potential active exploitation despite Citrix's denial. The flaw, dubbed "Citrix Bleed 2," allows attackers to steal session tokens and creden...
Read More »